b. Upgraded UP and SMP kernels for ESX Server 2.5.4 fix a number of security issues.

The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CVE-2005-3055, CVE-2005-3273,
CVE-2006-1056, CVE-2006-1342, CVE-2006-1343, CVE-2006-1864, and
CVE-2006-2071 to this issue. The new kernel version is 2.4.9-e.71.

ESX 2.5.4 Upgrade Patch 9 (Build# 47255)

c. An update to the Kerberos network authentication packages provided in
the VMware ESX Server Service Console. Possible vulnerabilities have
been found with the krb5 telnet daemon, the Kerberos KDC, and kadmin.

Although these features are not enabled in the Service Console by default,
VMware recommends that all users apply this patch.

The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the names CVE-2007-0956, CVE-2007-0957, and CVE-2007-1216 to this issue.